InformationWeek
Defining The Business Value Of Technology
All Security Stories
Microsoft Fix For 'Browse-And-Get-Owned' Flaw Coming Tuesday
Two zero-day vulnerabilities, one reported last week, will be fixed in Microsoft's monthly patch release next week.
DHS Systems More Secure, Inspector General Finds
Report indicates progress has been made certifying and accrediting the Department of Homeland Security's intelligence systems.
IBM To Patent Data Mask
Big Blue's MAGEN system uses optical character recognition to selectively scramble sensitive onscreen information such as healthcare or financial records.
Cyber Attack Hits South Korea Web Sites Again
Attack denies access to some banking and U.S. government sites and is similar to DDOS attack that hit U.S. and South Korean Web sites in recent days.
Google Chrome OS: Vaporware Or Victory?
Chrome OS, Google's newly announced operating system, isn't just a swipe at Microsoft. It's an attempt to realize the cloud computing future that Google's been predicting.
Details Emerge In U.S. Cyber Attacks
Malware that targeted Web sites of The White House, Department of Homeland Security, the FAA, and others appears to be a MyDoom variant.
Web Link Shrinkage Powers Spam Surge
The popularity of Twitter has lead to a proliferation of URL shortening services. Now spammers are taking notice and using link reduction to hide spam links.
Cyber Attacks Hit U.S. Government Sites; North Korea Eyed
Attacks crippled at least 11 U.S. government and private Web sites for much of the weekend. No data is believed to have been stolen.
Social Security Number Prediction Makes Identity Theft Easy
Posting your birthday on Facebook could help identity thieves predict your Social Security number, a new study finds.
PostgreSQL Upgrades Open Source Database Performance Tools
The 8.4 release of the database project offers improved administration, security, monitoring, and SQL features.
Apple's iPhone Vulnerable To Hotspot Hijacking
The new iPhone 3.0 software automatically launches the Safari browser in certain circumstances, a feature that makes the iPhone more usable and less secure.
Goldman's Alleged Code Thief Makes Bail
Programmer Sergey Aleynikov is under travel and computer use restrictions while awaiting trial.
Microsoft Warns Of 'Browse-And-Get-Owned' Attack
Attacks have been reported that attempt to exploit an unpatched vulnerability in Microsoft's Video ActiveX Control.
Dell Launches Forensics Service For Police
Digital-forensics package of hardware, software, and services would help police reduce data backlogs. Dell partners include Intel, EMC, Oracle, and Symantec.
Apple Planning Fix For iPhone SMS Flaw
An SMS vulnerability in Apple's iPhone is slated for disclosure at the Black Hat conference later this month. Apple is reportedly rushing to get a fix ready.
Mobile Payments Startup Raises $8 Million
Bling Nation is entering the highly competitive space filled with deep-pocketed rivals such as Visa and MasterCard.
China's Green Dam 'Definitely' Coming
The controversial requirement that PCs in China come with the Green Dam Web filter may have been postponed, but the rule will be implemented, a Chinese official insists.
Google Sees Spam Surging
Spam, like movie zombies, just keeps coming. Despite the closure of spam ISPs, unwanted messages continue to spread.
Zeus Trojan Variant Steals FTP Login Details
A new variant of the particularly malicious Zeus family of Trojans has surfaced and is compromising computers at an alarming rate.
China Delays 'Green Dam' Mandate
China has pushed back its deadline requiring all PCs sold in the country to include Web filtering software known as Green Dam. No new deadline has been set.
Web Filtering Company Reports Cyber Attack To FBI
The U.S.-based company that claims its programming code was unlawfully included in China's Green Dam software reports being targeted by a cyber attack.
Sony Begins Shipping PCs With Green Dam Filter
Company beats Chinese government's July 1 deadline, but Sony disclaims responsibility for any damage caused by the Web filtering software.
ICANN Names Security Expert As CEO
Rod Beckstrom, former director of the U.S. National Cybersecurity Center, faces demands to make the US organization into an international body.
Most PC Users Have A Dozen Dangerous Apps
The average PC user has a dozen unpatched applications installed.
Defense Secretary Orders Cyberspace Command
Initiative aims to unify offense and defense in cyberspace under U.S. military command and enable responses "in Internet time rather than bureaucratic time."
Green Dam Deadline Remains Unchanged Despite U.S. Objections
Chinese authorities claim that putting Green Dam censorware on all new PCs sold in the country is necessary to limit young people's exposure to "harmful information."
Cloudmark Goes After SMS Exploits
The carrier-grade mobile messaging security system provides content filtering, reputation data, and monitoring of text and multimedia messages.
Microsoft Security Essentials Beta Now Available
Once known as "Morro," Microsoft Security Essentials is the anti-malware component of Microsoft's subscription security service, Windows Live OneCare.
Inside China's Spam Crisis
Approximately 70% of all domains used in spam since the beginning of 2009 have a Chinese top-level domain.
U.S. State Dept. Condemns China's Green Dam Filter As Boycott Brews
China is insisting that computer makers install Web-filtering software known as Green Dam on all PCs sold in the country after July 1.
Google Tries Blocking Pornography In China
The engineering effort may require disentangling Google.cn from search indexes associated with other Google search sites, like Google.com.
Google's Anti-Malvertising.com Fights Off Bad Ads
The site was created because Google has a significant interest in making sure that ad blocking doesn't become a standard security practice.
Microsoft Security Essentials Beta Coming Tuesday
Previously code-named "Morro," the free software will replace Windows Live OneCare, which included both security and utility services for $49.95 per year.
Apple iPhone, iPod Security Flaws Get 45 Patches
Software patches were bundled with Apple's iPhone 3.0 operating system released Wednesday.
iPhone Gets Enterprise IT Boost From Startup Apperian
Apple's lack of interest in being a major player in enterprise IT has opened the door for Apperian to work with large corporations to develop applications for the iPhone.
China Making Green Dam Internet Filter Optional
The government's edict prompted widespread derision from Chinese bloggers, objections from Chinese academics and lawyers, and criticism from security experts.
Former Google Employees Launch Web Malware Startup
The company will address changing malware distribution patterns and to provide a way to respond to Web security threats using automated techniques.
Apple Fixes Java Security Hole
The flaw could have allowed a Java applet to execute malicious code on affected Macs, potentially leading to information theft or a compromised system.
Twitter Security Heating Up In July
In an effort to raise awareness of browser security flaws, one researcher wants to post a vulnerability every day that shows the soft underside of the Fail Whale.
China's Green Dam Software May Pose Legal Risk To U.S. Computer Makers
A research report indicates that the Web-filtering software mandated by the Chinese government contains unauthorized, proprietary code from a Green Dam competitor.
Lawmaker: Power Grid Vulnerable To Cyberattack
Hackers could bring down electrical grids serving entire regions of the U.S., leaving homes and businesses dark for months, Congressman says.
China 'Green Dam' Censorware Called Security Risk
Chinese authorities claim the software is necessary to protect people from pornography, but the software has been found to block politically sensitive terms.
U.S. Court Weighs E-mail Privacy, Again
At issue: whether e-mail messages deserve the same privacy protection as telephone calls.
Army Unblocks Some Social Media Sites
U.S. troops within the contiguous United States can now access Facebook, Delicious, Flickr, Twitter, Vimeo, and Web-based e-mail. YouTube and some other sites are still blocked.
Mac Users Warned Of Porn Malware Threat
Trojan software presents visitors to certain porn sites with a pop-up message to download a Video ActiveX Object; the download carries Mac malware.
China's Internet Filtering Plan Widely Criticized
Critics claim "Green Dam Youth Escort" Internet filtering software for PCs violates licensing agreements and anti-monopoly laws.
Microsoft To Launch Morro Antivirus 'Soon'
The free offering will replace subscription Windows Live OneCare service.
Insider Snooping Becoming More Common
In a survey, most respondents acknowledged being able to circumvent security access controls at their workplace.
Symantec, McAfee In Settlement Over Subscriptions
Both companies will pay $375,000 in penalties and costs and will now make detailed disclosures to consumers.
Microsoft Fixes Record Number Of Vulnerabilities
The company's June Patch Day included 10 security bulletins to fix 31 threats in Microsoft products.
Is Apple's iPhone 3GS Enterprise Ready?
The 3.0 software and iPhone 3GS offer incremental improvements for corporate deployments, but experts note some key elements are still missing.
Black Hat Founder Tapped To Advise Homeland Security
Jeff Moss, founder of the Black Hat and Defcon security conferences, is one of 16 people appointed to the Department of Homeland Security Advisory Council, as the government casts a wide net for perspectives on cybersecurity.
Alleged T-Mobile Data Offered To Highest Bidder
A note offering the data for sale says that the company's databases, confidential documents, and financial documents were stolen.
China To Require Filtering Software On PCs
Starting July 1, PC makers will have to install pornography-blocking app Green Dam Youth Escort on all computers sold in China.
Air Force Names Cyberwarfare Commander
The 24th Air Force, which will likely be based at Lackland Air Force Base in Texas, will focus exclusively on cyberwarfare as part of the larger Air Force Space Command.
FTC Shuts Down 'Worst ISP In U.S.'
Pricewert LLC is accused of hosting and actively distributing child pornography, malware, and spam.
Federal CIO Kundra Looks Forward To Data.Gov 2.0
The upgrades to the site, which will be available in a few months, will feature new ways to find and use data, including the ability to tag data sets.
Google Widens Its Gaze In Street View
Google's continuous corridor of 3-D space with building facades and roadway geometry is generated virtually using laser landscape measurements and picture difference comparisons.
Verizon Business Unveils 'Computing As A Service'
The company's CaaS users will be able to access a real-time self-service portal to manage physical and virtual servers, network devices, storage, and backup services.
RIM Issues Patch For BlackBerry Vulnerability
Enterprise BlackBerry smartphone users could be at risk if they open a maliciously crafted PDF, Research In Motion says.
Homeland Security Keeping Central Cybersecurity Role
The department's operational responsibility won't be undercut by the cybersecurity coordinator, a DHS undersecretary nominee says.
Government Accidently Posts Sensitive Nuclear Documents Online
The 267-page document contains addresses and descriptions of civilian nuclear sites around the country.
Homeland Security Names New Cybersecurity Officials
Philip Reitinger, who worked in cybersecurity for Microsoft and fought cybercrime for the Department of Justice, will help to coordinate cybersecurity efforts across the government.
Google Executive To Become Federal Deputy CTO
Andrew McLaughlin will find that he isn't the only ex-Google employee serving the Obama administration.
Cybersecurity Review Finds U.S. Networks 'Not Secure'
The report dovetails with President Obama's call for the creation of a cybersecurity coordinator who will orchestrate and integrate federal cybersecurity policies and agendas.
Obama Announces White House Cybersecurity Position
Names that have been bandied about include acting White House cybersecurity chief Melissa Hathaway and Microsoft VP Scott Charney.
Microsoft Warns Of 'Browse-And-Get-Owned' DirectX Flaw
The flaw could allow a remote attacker to execute malicious code by convincing or duping a user to open a specially crafted QuickTime media file.
Government Wrestles With Social Media Records Retention Policies
The National Archives is trying to navigate complex regulations that require capturing and storing all sorts of content in the age of social media, cloud computing, and seemingly endless storage.
White House Launching Transparency Blog
In a nod to openness and citizen participation in government, the Obama administration also will open White House blogs to public comments.
Obama Should Scrap Cybersecurity Czar, Analyst Says
Gartner expert says president's plan to protect nation's computing infrastructure won't work.
Anti-U.S. Hackers Infiltrate Army Servers
Exclusive: Defense Department investigators subpoena records from Google, Microsoft, and Yahoo in connection with ongoing probe.
Government Panel Calls For Privacy Policy Overhaul
Report to OMB outlines the creation of a chief privacy officer role and chief privacy officers at every federal agency that already has a CFO.
VMware Invests $20 Million In Terremark Cloud Services
The virtualization giant will own 5% of Terremark, which produces cloud and managed IT services for large companies and government agencies.
Department Of The Interior Can't Locate Many PCs
The federal agency can't locate 20% of its computers and, because it has no encryption requirements, the missing PCs could be vulnerable to data theft or loss.
Obama, White House To Oversee Cybersecurity Leadership
The national security staff will include new positions for addressing cybersecurity, information sharing on terrorism, border security, and preparedness and response.
Firefox Extension Malware Raises Security Questions
Mozilla's diligent cleanup rather than catching malicious add-ons before they reach the public has rankled some in the security community.
Army Deploying Vista On Hundreds Of Thousands Of Computers
The migration is driven by the better security offered in Windows Vista and Office 2007.
President Clinton Data On Hard Drive Lost By National Archives
The drive contains snapshots of the hard drives of departing administration officials, information that had been stored on 113 4-mm tape cartridges.
Verizon Beefs Up Handset Security
The over-the-air authentication service enables workers to securely access business networks from handsets nearly anywhere in the world.
YouTube Launches U.S. Government Portal
The channel aggregates videos from the White House, CDC, NASA, and other federal agencies using a player that complies with government privacy regulations.
Mac OS X Users Warned About Java Vulnerability
SoyLatte, an X11-based port of the FreeBSD Java 1.6 "patchset" to Mac OS X Intel machines, is also reportedly vulnerable.
Interop 2009 Show Winners
This year's champs come from every corner of IT -- cloud computing, virtualization, network management, security, wireless -- and more. Judges also handed out a green award, and picked a favorite startup before announcing the coveted Best Of Interop winner.
Microsoft Issues IIS Security Advisory
An exploit of the vulnerability could give an attacker access to a directory that normally requires authentication.
Craigslist CEO Demands Apology From S.C. Attorney General
The reaction comes after criticism of the online classified ad site, including accusations that the site has engaged in criminal acts.
Schools' Cybersecurity Needs Improvement
While more than half of surveyed schools reported a breach last year, 75% say their security infrastructure is adequate.
U.S. Defense Department Official Charged With Espionage
A civilian employee at the Pentagon has been charged with conspiring to provide classified information to an agent with ties to the People's Republic of China.
DHS Disaster Recovery Plans Lacking, Report Finds
Eight of the Department of Homeland Security's 27 critical systems don't have an identified alternate processing site.
Apple Mac OS X Update Has Nearly 70 Security Fixes
Version 10.5.7 addresses several issues with Apple's iCal and Mail applications, as well as its Parental Controls control panel.
Microsoft Patches PowerPoint Flaws, But Not For Mac
One of the 14 Patch Tuesday bulletins is rated "critical" and the rest are rated "important." All of them could lead to remote code execution.
Google Morocco Not Hacked, Company Insists
Internet users trying to reach Google Morocco were, for a few hours, sent to a Web site unaffiliated with Google.
Viral Art: A Gallery Of Security Threats
Visually, online threats such as viruses, worms, and Trojans can be as beautiful as they are menacing to individual PC users, enterprises, and IT security professionals.
UC Berkeley Health Service Data Stolen By Overseas Criminals
The breach went undiscovered for six months, during which time Social Security numbers and health insurance information were stolen.
Air Traffic Control System Repeatedly Hacked
A security audit finds a total of 763 high-risk, 504 medium-risk, and 2,590 low-risk vulnerabilities, such as weak passwords and unprotected folders.
Mass. Criminal Database Deemed Public Safety Risk
The 25-year-old system cannot reconcile arrests with court dispositions or use fingerprints to verify criminal history, state auditor Joe DeNucci finds.
Google Chrome Update Scheme Beats Firefox, Safari, Opera
By automatically updating the browser every five hours, Google Chrome provides greater security than its competitors, according to a new study.
EU Consumer Guide Seeks To Spur, Protect Web Users
An Internet consumers' bill of rights for citizens of the EU aims to promote online shopping and address security concerns.
Windows 7 Retains Windows Explorer Security Risk
A feature in Windows Explorer, the operating system's file management application, enables virus writers to disguise executable files, security researcher says.
NoScript Developer Apologizes For Meddling With AdBlock
His methods caused a furor in the Mozilla community over the weekend because he did not provide clear notification about what his software was doing.
Apple Rejects Nine Inch Nails App
The mere potential to stream objectionable content again raises developer concerns over Apple's approval process.
Virginia Health Data Potentially Held Hostage
An extortion demand seeks $10 million to return more than 8 million patient records allegedly stolen from Virginia Department of Health Professions.
SEARCH
SPONSOR
RECENT JOB POSTINGS
Featured Jobs:
Boeing seeking Software Engineer 5 in Anaheim, CA
KForce seeking Inside Sales Associate in San Diego, CA
Amalgamated Bank seeking Chief Information Officer in New York, NY
Apollo College seeking Medical Billing and Coding Instructors in Albuquerque, NM
Allstate seeking Exlusive Agent in Las Vegas, NV
For more great jobs, career-related news, features and services, please visit our Career Center.
CAREER NEWS
The tumbling of IT jobs stopped in the second quarter, as the IT sector added about 44,000 jobs.
It's just a glimmer, but Oracle is starting to see a bit of light at the end of the recession tunnel.
